Message-ID: <20250831190315.1280502-1-alok.a.tiwari@oracle.com>
Date: Sun, 31 Aug 2025 12:03:13 -0700
From: Alok Tiwari <alok.a.tiwari@...cle.com>
To: jiri@...dia.com, stanislaw.gruszka@...ux.intel.com, andrew+netdev@...n.ch,
davem@...emloft.net, edumazet@...gle.com, kuba@...nel.org,
pabeni@...hat.com, horms@...nel.org, netdev@...r.kernel.org
Cc: alok.a.tiwari@...cle.com
Subject: [PATCH net] genetlink: fix genl_bind() invoking bind() after -EPERM

Per family bind/unbind callbacks were introduced to allow families
to track multicast group consumer presence, e.g. to start or stop
producing events depending on listeners.

However, in genl_bind() the bind() callback was invoked even if
capability checks failed and ret was set to -EPERM. This means that
callbacks could run on behalf of unauthorized callers while the
syscall still returned failure to user space.

Fix this by only invoking bind() if (!ret && family->bind)
i.e. after permission checks have succeeded.

Fixes: 3de21a8990d3 ("genetlink: Add per family bind/unbind callbacks")
Signed-off-by: Alok Tiwari <alok.a.tiwari@...cle.com>
---
net/netlink/genetlink.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/net/netlink/genetlink.c b/net/netlink/genetlink.c
index 104732d34543..3b51fbd068ac 100644
--- a/net/netlink/genetlink.c
+++ b/net/netlink/genetlink.c
@@ -1836,7 +1836,7 @@ static int genl_bind(struct net *net, int group)
!ns_capable(net->user_ns, CAP_SYS_ADMIN))
ret = -EPERM;
- if (family->bind)
+ if (!ret && family->bind)
family->bind(i);
break;
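
Review bot: The "!ret" guard on the family->bind(i) call fixes the reported case, but it keeps the failure path implicit: nothing stops execution after "ret = -EPERM;", so any code later added between the capability check and the callback would again run for a caller that failed ns_capable(). Consider a "break;" directly after "ret = -EPERM;" so the denied path leaves the block at the point of denial, with the bind() call left unconditional on ret. Separately, the result of family->bind(i) is not assigned to ret in the visible lines; if the callback can report an error, it is dropped here and the bind still succeeds from user space's point of view, which deserves a comment or a follow-up. The commit message would also be stronger if it named a family whose bind() has an observable side effect, so the impact of the unauthorized call can be judged for stable backports.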
--
2.50.1